Microsoft Security details BulletProofLink, a phishing-as-a-service provider

Get a free Techzine subscription!

Microsoft announced they catched an extensive phishing-as-a-service operation providing various services to those who wish to start phishing campaigns. These campaigns send messages that fool people into responding and offer attackers ways of breaching systems. By monitoring their work Microsoft learned a lot to stop phishing attacks.

The operation is called BulletProofLink and sells phishing kits, email templates, hosting, and automated services at considerably affordable prices. The service has over 100 phishing templates that mimic known companies like Microsoft. The services are described as nearly effortless to use.

Just like a legitimate software business

Microsoft says that the operation is behind many of the phishing campaigns impacting enterprises today. It is used by multiple attackers in either one-off or monthly subscription-based models.

The campaigns are a way for hackers to get steady streams of revenue. The price range of BulletProofLink services vary. Some, like a one-time hosting link, can cost as little as $50. Those in need of full-range services have to pay about $800 a month.

Customers interact with the group using methods like ICQ, Skype, chatrooms, and forums. Like legitimate software businesses, the group provides customer support services for new and existing customers. The hosting service also has a weekly log shipment for purchasers, sent via email or ICQ.

The cybercrime industry’s as-a-service approach is the new norm

Credentials are received on a template page, which is sent to password-processing sites owned by the operator. One of the group’s interesting approaches is called infinite domain abuse. The approach compromises a website’s domain name server to create infinite subdomains that allow an attacker to use a unique URL for every recipient while only having to buy or compromise one domain for weeks.

Email phishing and related cyber crimes have grown complex and created an ecosystem where tools and capabilities are provided on an as-a-service basis. It highlights the need for security to step up and strengthen systems.